Abstract for HONS 04/20
Design of an IoT Authentication and Access Control Framework
Benjamin Thomas Hollows
Department of Computer Science and Software Engineering
University of Canterbury
Abstract
There is a growing number of manufacturers creating IoT (Internet of Things) devices but there is no common standard for security. This is an issue for large networks comprised of heterogeneous IoT devices as there is no easy way to secure the network. IoT networks are becoming more common and the security risks that they bring cannot be ignored. Steps must be taken to protect these networks from attack and mitigate the risks of a compromised device impacting the rest of the network. This report proposes an authentication and access control framework for IoT networks comprised of existing devices. By targeting existing devices the framework can be implemented on current networks and does not require IoT devices to be modified to take advantage of its security. The framework utilises a database of network devices and their access relationships, along with an easy to use interface and extensible automated control and configuration of network infrastructure. This allows a user to use the framework to easily control network security configuration of a range of heterogeneous devices. When compared with an equivalent manual configuration, the framework allows the user to configure the network in less steps, as access control lists and the application of access point configuration are done automatically.
